Monday’s lawsuit is the SEC’s first against a corporate security chief in relation to a hack. A year ago, the regulator served so-called Wells notices related to its investigation of the cyberattack to SolarWinds and Tim Brown, vice president of security and CISO, signaling intentions to pursue a civil case. Chief Financial Officer J. Barton Kalsu also received a notice but wasn’t named in the SEC’s complaint Monday. SolarWinds has said its actions were appropriate and it plans a vigorous defense.
To guard against expensive and possibly career-damaging litigation, some CISOs are asking for the kind of personal protection normally reserved for top executives, such as severance agreements and directors and officers insurance.
‘Enforcement 40’ for 2020
Join Us On LinkedIn
Join the Securities Litigation and Enforcement Group on LinkedIn